Skip to content
This repository has been archived by the owner on Jul 17, 2020. It is now read-only.
/ hermit Public archive

A microservice to enable client side applications to log to Humio without exposing the ingest token

2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

limejump/hermit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

47 Commits

.circleci

.circleci

 
 

k8s

k8s

 
 

src

src

 
 

test

test

 
 

.env.example

.env.example

 
 

.gitignore

.gitignore

 
 

.prettierrc

.prettierrc

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

ToDo.txt

ToDo.txt

 
 

nest-cli.json

nest-cli.json

 
 

nodemon-debug.json

nodemon-debug.json

 
 

nodemon.json

nodemon.json

 
 

package.json

package.json

 
 

tsconfig.build.json

tsconfig.build.json

 
 

tsconfig.json

tsconfig.json

 
 

tslint.json

tslint.json

 
 

yarn.lock

yarn.lock

 
 

Repository files navigation

Description

A Nest framework microservice to proxy logs from client side applications to Humio.

It provides three endpoints:

  • /v1/structured - logs structured logs to Humio
  • /v1/unstructured - logs unstructured logs to Humio - note these logs will require a parser to be configured
  • /v1/ready - returns 200 if the microservice is online

All endpoints except /v1/ready require a JWT authorization token to be sent in the header.

Example Query

curl --request POST \
  --url http://localhost:3000/v1/structured \
  --header 'authorization: Bearer MY_JWT_TOKEN' \
  --header 'content-type: application/json' \
  --data '[
  {
    "tags": {
      "source": "application.log"
    },
    "events": [
      {
        "timestamp": "2018-06-06T13:00:00+02:00",
        "attributes": {
          "hello": "world"
        }
      },
      {
        "timestamp": "2018-06-06T13:00:01+02:00",
        "attributes": {
          "statuscode": "200",
          "url": "/index.html"
        }
      }
    ]
  },
  {
    "tags": {
      "source": "application.log"
    },
    "events": [
      {
        "timestamp": "2018-06-06T13:00:02+02:00",
        "attributes": {
          "key1": "value1"
        }
      }
    ]
  }
]'

Configuration

The application requires two secret environment variables to be set. Examples of these (with insecure values!) can be found in .env.example. During local development a .env file can be used and authorization is disabled. For production these values are required to be set and a .env file cannot be used.

  • JWT_SECRET, the secret key used to decode JWT tokens passed in the header
  • DEFAULT_INGEST_TOKEN, the ingest token for the Humio repository you wish to log to. More details about ingest tokens can be found here.
  • WHITELIST_CORS, a comma separated set of regex or strings that are the domains that should be allowed to make CORS requests

Installation

$ yarn install

Running the app

# development
$ yarn run start

# watch mode
$ yarn run start:dev

# production mode
$ yarn run start:prod

Test

# unit tests
$ yarn run test

# e2e tests
$ yarn run test:e2e

# test coverage
$ yarn run test:cov

Deploying using Docker

We have Google Cloud Build set up to build the Docker image on push to master. Currently we just publish a single Docker tag. An issue has been opened here to implement versioning (including version tagged Docker images).

The latest master branch build is available at gcr.io/limejump-public/hermit:latest.

About

A microservice to enable client side applications to log to Humio without exposing the ingest token

Topics

nodejs microservice logging nestjs humio

Resources

Readme
Activity
Custom properties

Stars

2 stars

Watchers

22 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages